153 lines
4.5 KiB
Plaintext
153 lines
4.5 KiB
Plaintext
<VirtualHost *:80>
|
|
ServerName <%= @vhost_name %>
|
|
ServerAdmin <%= scope.lookupvar('::zuul::serveradmin') %>
|
|
DocumentRoot /var/lib/zuul/www
|
|
|
|
<Directory /var/lib/zuul/www>
|
|
<IfVersion >= 2.4>
|
|
Require all granted
|
|
</IfVersion>
|
|
<IfVersion < 2.4>
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfVersion>
|
|
</Directory>
|
|
<Directory /usr/lib/git-core>
|
|
<IfVersion >= 2.4>
|
|
Require all granted
|
|
</IfVersion>
|
|
<IfVersion < 2.4>
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfVersion>
|
|
</Directory>
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/<%= @vhost_name %>-error.log
|
|
|
|
LogLevel warn
|
|
|
|
CustomLog ${APACHE_LOG_DIR}/<%= @vhost_name %>-access.log combined
|
|
|
|
RewriteEngine on
|
|
<% scope.lookupvar('::zuul::block_referers').each do |referer| -%>
|
|
RewriteCond %{HTTP_REFERER} =<%= referer %>
|
|
RewriteRule ^/status - [F]
|
|
RewriteCond %{HTTP_REFERER} =<%= referer %>
|
|
RewriteRule ^/status.json - [F]
|
|
<% end -%>
|
|
|
|
RewriteRule ^/status.json$ <%= scope.lookupvar('::zuul::zuul_status_url') %>/status.json [P]
|
|
RewriteRule ^/status/(.*) <%= scope.lookupvar('::zuul::zuul_status_url') %>/status/$1 [P]
|
|
|
|
AddOutputFilterByType DEFLATE application/json
|
|
|
|
SetEnv GIT_PROJECT_ROOT /var/lib/zuul/git/
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
|
|
AliasMatch ^/p/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/zuul/git/$1
|
|
AliasMatch ^/p/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/zuul/git/$1
|
|
ScriptAlias /p/ /usr/lib/git-core/git-http-backend/
|
|
|
|
<IfModule mod_cache.c>
|
|
CacheDefaultExpire 5
|
|
<IfModule mod_mem_cache.c>
|
|
CacheEnable mem /status
|
|
CacheEnable mem /status.json
|
|
# 12MByte total cache size.
|
|
MCacheSize 12288
|
|
MCacheMaxObjectCount 10
|
|
MCacheMinObjectSize 1
|
|
# 8MByte max size per cache entry
|
|
MCacheMaxObjectSize 8388608
|
|
MCacheMaxStreamingBuffer 8388608
|
|
</IfModule>
|
|
<IfModule mod_cache_disk.c>
|
|
CacheEnable disk /status
|
|
CacheEnable disk /status.json
|
|
CacheRoot /var/cache/apache2/mod_cache_disk
|
|
</IfModule>
|
|
</IfModule>
|
|
</VirtualHost>
|
|
|
|
<% if scope.lookupvar('::zuul::proxy_ssl_cert_file_contents') != '' %>
|
|
<IfModule mod_ssl.c>
|
|
<VirtualHost *:443>
|
|
ServerName <%= @vhost_name %>
|
|
ServerAdmin <%= scope.lookupvar('::zuul::serveradmin') %>
|
|
DocumentRoot /var/lib/zuul/www
|
|
SSLEngine on
|
|
SSLProtocol All -SSLv2 -SSLv3
|
|
SSLCertificateFile /etc/ssl/certs/<%= @vhost_name %>.pem
|
|
SSLCertificateKeyFile /etc/ssl/private/<%= @vhost_name %>.key
|
|
<% if scope.lookupvar('::zuul::proxy_ssl_chain_file_contents') != '' %>
|
|
SSLCertificateChainFile /etc/ssl/certs/<%= @vhost_name %>_intermediate.pem
|
|
<% end %>
|
|
|
|
<Directory /var/lib/zuul/www>
|
|
<IfVersion >= 2.4>
|
|
Require all granted
|
|
</IfVersion>
|
|
<IfVersion < 2.4>
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfVersion>
|
|
</Directory>
|
|
<Directory /usr/lib/git-core>
|
|
<IfVersion >= 2.4>
|
|
Require all granted
|
|
</IfVersion>
|
|
<IfVersion < 2.4>
|
|
Order deny,allow
|
|
Allow from all
|
|
</IfVersion>
|
|
</Directory>
|
|
|
|
ErrorLog ${APACHE_LOG_DIR}/<%= @vhost_name %>-error.log
|
|
|
|
LogLevel warn
|
|
|
|
CustomLog ${APACHE_LOG_DIR}/<%= @vhost_name %>-access.log combined
|
|
|
|
RewriteEngine on
|
|
<% scope.lookupvar('::zuul::block_referers').each do |referer| -%>
|
|
RewriteCond %{HTTP_REFERER} =<%= referer %>
|
|
RewriteRule ^/status - [F]
|
|
RewriteCond %{HTTP_REFERER} =<%= referer %>
|
|
RewriteRule ^/status.json - [F]
|
|
<% end -%>
|
|
|
|
RewriteRule ^/status.json$ <%= scope.lookupvar('::zuul::zuul_status_url') %>/status.json [P]
|
|
RewriteRule ^/status/(.*) <%= scope.lookupvar('::zuul::zuul_status_url') %>/status/$1 [P]
|
|
|
|
AddOutputFilterByType DEFLATE application/json
|
|
|
|
SetEnv GIT_PROJECT_ROOT /var/lib/zuul/git/
|
|
SetEnv GIT_HTTP_EXPORT_ALL
|
|
|
|
AliasMatch ^/p/(.*/objects/[0-9a-f]{2}/[0-9a-f]{38})$ /var/lib/zuul/git/$1
|
|
AliasMatch ^/p/(.*/objects/pack/pack-[0-9a-f]{40}.(pack|idx))$ /var/lib/zuul/git/$1
|
|
ScriptAlias /p/ /usr/lib/git-core/git-http-backend/
|
|
|
|
<IfModule mod_cache.c>
|
|
CacheDefaultExpire 5
|
|
<IfModule mod_mem_cache.c>
|
|
CacheEnable mem /status
|
|
CacheEnable mem /status.json
|
|
# 12MByte total cache size.
|
|
MCacheSize 12288
|
|
MCacheMaxObjectCount 10
|
|
MCacheMinObjectSize 1
|
|
# 8MByte max size per cache entry
|
|
MCacheMaxObjectSize 8388608
|
|
MCacheMaxStreamingBuffer 8388608
|
|
</IfModule>
|
|
<IfModule mod_cache_disk.c>
|
|
CacheEnable disk /status
|
|
CacheEnable disk /status.json
|
|
CacheRoot /var/cache/apache2/mod_cache_disk
|
|
</IfModule>
|
|
</IfModule>
|
|
</VirtualHost>
|
|
</IfModule>
|
|
<% end %>
|